This project documents my work and findings from the ANZ Australia Cyber Security Management Virtual Experience Program hosted on Forage.

The simulation involved analyzing network traffic captured in a PCAP file using Wireshark and identifying potential cybersecurity threats. Tasks included extracting and analyzing images, documents, and hidden messages from HTTP traffic.

• Wireshark
• HxD Hex Editor
• Base64 Decoder
• Online ZIP Extractor

• Extracted anz-logo.jpg and bank-card.jpg from PCAP by identifying HTTP GET requests and carving JPEG data based on hex signatures.

• Extracted ANZ1.jpg and ANZ2.jpg with hidden messages appended post image footer:
  • ANZ1: “You've found a hidden message in this file!”
  • ANZ2: “You've found the hidden message! Images are sometimes more than they appear.”

• Recovered a suspicious document how-to-commit-crimes.docx containing a message implying malicious intent.

• Extracted PDFs: ANZ_Document.pdf, ANZ_Document2.pdf, and evil.pdf.

• File hiddenmessage2.txt was a disguised JPEG image.

• atm-image.jpg contained two concatenated JPEG images in a single GET request.

• broken.png was base64 encoded. Decoded and reconstructed successfully.

• securepdf.pdf was a disguised ZIP containing an encrypted PDF. Password “secure” was found in TCP stream.

All recovered images and documents are included in this repository under the /artifacts directory.

See ANZ_PCAP_Investigation_Report.pdf for detailed methodology and visual evidence.

👤 Author: Akash Sebastian
📅 Completed: April 2025